CVE-2018-11360
- EPSS 3.51%
- Veröffentlicht 22.05.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:13
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.
CVE-2018-11362
- EPSS 3.12%
- Veröffentlicht 22.05.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:13
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character.
CVE-2018-3639
- EPSS 60.63%
- Veröffentlicht 22.05.2018 12:29:00
- Zuletzt bearbeitet 29.05.2026 21:16:34
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi...
CVE-2018-1108
- EPSS 1.83%
- Veröffentlicht 21.05.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:11
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
CVE-2018-8012
- EPSS 8.72%
- Veröffentlicht 21.05.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:13:05
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit cha...
CVE-2018-11319
- EPSS 2.74%
- Veröffentlicht 20.05.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:07
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicio...
CVE-2017-18271
- EPSS 2.24%
- Veröffentlicht 18.05.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:44
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.
CVE-2017-18273
- EPSS 2.35%
- Veröffentlicht 18.05.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:44
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in ...
CVE-2018-11212
- EPSS 5.07%
- Veröffentlicht 16.05.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:54
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
CVE-2018-11213
- EPSS 2.63%
- Veröffentlicht 16.05.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:54
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.